Field of the Disclosure
The present disclosure relates generally to wireless communication systems and, more particularly, to providing connectionless service in wireless communication systems.
Description of the Related Art
User equipment can transmit messages of varying sizes over an air interface to a base station in a wireless communication system. For example, user equipment that are configured for machine-type-communication may transmit messages ranging in size from several packets down to a single packet. In order to transmit messages over the air interface, an idle user equipment is typically required to transition to an active state and send a service request to the network, which triggers configuration of a security context for the communication session between the base station and the user equipment so that the messages can be securely communicated over the air interface. For example, the idle user equipment may transition to the active state and send a service request to a mobility management entity (MME) in the network via a base station. The MME and the active user equipment may then perform an authorization and authentication procedure with the assistance of the Home Subscription System (HSS) to authenticate subscription credentials that were previously securely placed in the Universal Subscriber Identity Module (USIM) of the user equipment.
Successful authentication of the user equipment results in computation (at the user equipment and at the HSS for provision to the MME) of a shared secret key (KASME) that can be used to generate one or more security keys that form a Non-Access Stratum (NAS) security context for the active user equipment. The KASME can also be used to generate an Access Stratum (AS) security context for the user equipment and the base station. For example, the user equipment can generate a security key (KeNB) using its copy of the KASME and the MME can use its copy of the KASME to provide a copy of the security key (KeNB) to the base station. The user equipment and the base station may use their respective copies of the security key (KeNB) to negotiate the AS security context, which may include one or more subordinate keys to support secure communications over the air interface by providing radio resource control (RRC) encryption and integrity and user plane encryption and integrity.
When communication over the air interface is complete, the user equipment returns to the idle state. The base station deletes information identifying the user equipment (such as a temporary mobile subscriber identity, TMSI) and the AS security context that was used to support secure communication with the base station. During the active communication mode under protection of the NAS security context, the MME may allocate a different temporary identifier (such as a new value of the TMSI) to the user equipment for each subsequent request. Thus, once the user equipment has transitioned back to the idle state, the base station is not able to recognize that a subsequent request is being received from the user equipment that previously established the AS security context with the base station. The MME and the user equipment retain the NAS security context, which can be used to reestablish the AS security context when the user equipment subsequently awakes to begin a new communication session over the air interface with the base station. Consequently, the idle user equipment must repeat the service request procedure to the MME to reestablish the AS security context each time it wants to send information over the air interface.
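The key hierarchy and the per-request re-derivation described in the two paragraphs above, as an added example that is not part of the original disclosure. It assumes the key derivation function, FC values and algorithm type distinguishers of 3GPP TS 33.401 Annex A (none of which are stated on this page), a constructed KASME, and hypothetical function names.

```python
import hashlib
import hmac

# Algorithm type distinguishers from TS 33.401 Annex A.7 (assumption: not on this page).
ALG_TYPE = {"NAS-enc": 0x01, "NAS-int": 0x02, "RRC-enc": 0x03,
            "RRC-int": 0x04, "UP-enc": 0x05, "UP-int": 0x06}


def kdf(key: bytes, fc: int, *params: bytes) -> bytes:
    """3GPP KDF: HMAC-SHA-256(key, FC || P0 || L0 || P1 || L1 ...)."""
    s = bytes([fc])
    for p in params:
        s += p + len(p).to_bytes(2, "big")  # each parameter is followed by its 2-byte length
    return hmac.new(key, s, hashlib.sha256).digest()


def derive_kenb(kasme: bytes, ul_nas_count: int) -> bytes:
    """KeNB from KASME and the uplink NAS COUNT (FC = 0x11)."""
    return kdf(kasme, 0x11, ul_nas_count.to_bytes(4, "big"))


def derive_alg_key(parent: bytes, alg_type: str, alg_id: int) -> bytes:
    """Subordinate key (FC = 0x15), truncated to the 128 least significant bits."""
    return kdf(parent, 0x15, bytes([ALG_TYPE[alg_type]]), bytes([alg_id]))[-16:]


def as_security_context(kasme: bytes, ul_nas_count: int, alg_id: int = 2) -> dict:
    """Keys that a service request yields for the air interface (hypothetical helper)."""
    kenb = derive_kenb(kasme, ul_nas_count)
    ctx = {"KeNB": kenb}
    for name in ("RRC-enc", "RRC-int", "UP-enc", "UP-int"):
        ctx[name] = derive_alg_key(kenb, name, alg_id)
    return ctx


# Constructed 256-bit KASME; in a real network it results from authentication via the HSS.
KASME = bytes(range(32))

if __name__ == "__main__":
    ue_ctx = as_security_context(KASME, ul_nas_count=7)   # derived in the user equipment
    net_ctx = as_security_context(KASME, ul_nas_count=7)  # MME derives KeNB, base station the rest
    print("AS keys match:", ue_ctx == net_ctx)
    # After the return to idle the base station has deleted its context; the retained
    # KASME and the next NAS COUNT give a fresh KeNB for the next service request.
    next_ctx = as_security_context(KASME, ul_nas_count=8)
    print("fresh KeNB:", next_ctx["KeNB"] != ue_ctx["KeNB"])
```

Because KeNB is bound to the uplink NAS COUNT, every new service request produces a different AS key set from the same retained KASME.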